PT-2022-11532 · Siemens · Ruggedcom Rsg909R+49
Published
2022-03-08
·
Updated
2023-12-12
·
CVE-2021-42017
CVSS v3.1
5.9
Medium
| Vector | AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
RUGGEDCOM i800
RUGGEDCOM i801
RUGGEDCOM i802
RUGGEDCOM i803
RUGGEDCOM M2100
RUGGEDCOM M2100F
RUGGEDCOM M2200
RUGGEDCOM M2200F
RUGGEDCOM M969
RUGGEDCOM M969F
RUGGEDCOM RMC30
RUGGEDCOM RMC8388 versions 4.X through 5.X
RUGGEDCOM RP110
RUGGEDCOM RS1600
RUGGEDCOM RS1600F
RUGGEDCOM RS1600T
RUGGEDCOM RS400
RUGGEDCOM RS400F
RUGGEDCOM RS401
RUGGEDCOM RS416
RUGGEDCOM RS416F
RUGGEDCOM RS416P
RUGGEDCOM RS416PF
RUGGEDCOM RS416Pv2 versions 4.X through 5.X
RUGGEDCOM RS416v2 versions 4.X through 5.X
RUGGEDCOM RS8000
RUGGEDCOM RS8000A
RUGGEDCOM RS8000H
RUGGEDCOM RS8000T
RUGGEDCOM RS900
RUGGEDCOM RS900 (32M) versions 4.X through 5.X
RUGGEDCOM RS900F
RUGGEDCOM RS900G
RUGGEDCOM RS900G (32M) versions 4.X through 5.X
RUGGEDCOM RS900GF
RUGGEDCOM RS900GP
RUGGEDCOM RS900GPF
RUGGEDCOM RS900L
RUGGEDCOM RS900M-GETS-C01
RUGGEDCOM RS900M-GETS-XX
RUGGEDCOM RS900M-STND-C01
RUGGEDCOM RS900M-STND-XX
RUGGEDCOM RS900W
RUGGEDCOM RS910
RUGGEDCOM RS910L
RUGGEDCOM RS910W
RUGGEDCOM RS920L
RUGGEDCOM RS920W
RUGGEDCOM RS930L
RUGGEDCOM RS930W
RUGGEDCOM RS940G
RUGGEDCOM RS940GF
RUGGEDCOM RS969
RUGGEDCOM RSG2100
RUGGEDCOM RSG2100 (32M) versions 4.X through 5.X
RUGGEDCOM RSG2100F
RUGGEDCOM RSG2100P
RUGGEDCOM RSG2100PF
RUGGEDCOM RSG2200
RUGGEDCOM RSG2200F
RUGGEDCOM RSG2288 versions 4.X through 5.X
RUGGEDCOM RSG2300 versions 4.X through 5.X
RUGGEDCOM RSG2300F
RUGGEDCOM RSG2300P versions 4.X through 5.X
RUGGEDCOM RSG2300PF
RUGGEDCOM RSG2488 versions 4.X through 5.X
RUGGEDCOM RSG2488F
RUGGEDCOM RSG907R
RUGGEDCOM RSG908C
RUGGEDCOM RSG909R
RUGGEDCOM RSG910C
RUGGEDCOM RSG920P versions 4.X through 5.X
RUGGEDCOM RSL910
RUGGEDCOM RST2228
RUGGEDCOM RST2228P
RUGGEDCOM RST916C
RUGGEDCOM RST916P
Description
A new variant of the POODLE attack has left a third-party component vulnerable due to the implementation flaws of the CBC encryption mode in TLS 1.0 to 1.2. If an attacker were to exploit this, they could act as a man-in-the-middle and eavesdrop on encrypted communications.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Improperly Implemented Security Check for Standard
Improper Certificate Validation
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Ruggedcom M2100
Ruggedcom M2200
Ruggedcom M969
Ruggedcom Rmc30
Ruggedcom Rmc8388
Ruggedcom Rp110
Ruggedcom Rs1600
Ruggedcom Rs1600F
Ruggedcom Rs1600T
Ruggedcom Rs400
Ruggedcom Rs401
Ruggedcom Rs416
Ruggedcom Rs416P
Ruggedcom Rs416Pv2
Ruggedcom Rs8000
Ruggedcom Rs8000A
Ruggedcom Rs8000H
Ruggedcom Rs8000T
Ruggedcom Rs900
Ruggedcom Rs900G
Ruggedcom Rs900Gp
Ruggedcom Rs900L
Ruggedcom Rs900M-Gets-C01
Ruggedcom Rs900M-Gets-Xx
Ruggedcom Rs900M-Stnd-C01
Ruggedcom Rs900M-Stnd-Xx
Ruggedcom Rsl910
Ruggedcom Rs910L
Ruggedcom Rs920L
Ruggedcom Rs930L
Ruggedcom Rs940G
Ruggedcom Rs969
Ruggedcom Rsg2100
Ruggedcom Rsg2100P
Ruggedcom Rsg2200
Ruggedcom Rsg2288
Ruggedcom Rsg2300
Ruggedcom Rsg2300P
Ruggedcom Rsg2488
Ruggedcom Rsg907R
Ruggedcom Rsg908C
Ruggedcom Rsg909R
Ruggedcom Rsg910C
Ruggedcom Rsg920P
Ruggedcom Rst2228
Ruggedcom Rst916C
Ruggedcom I800
Ruggedcom I801
Ruggedcom I802
Ruggedcom I803